
SC-200 Microsoft Security Operations Analyst Course & SIMs 
Published 11/2023 
Duration: 13h 48m | .MP4 1280x720, 30 fps(r) | AAC, 44100 Hz, 2ch | 7.8 GB 
Genre: eLearning | Language: English
Get prepared for the SC-200 exam with instructor led labs and hands on simulations available 24/7
What you'll learn 
Learn the concepts and perform hands on activities needed to pass the SC-200 exam 
Gain a tremendous amount of knowledge involving securing Microsoft 365 and Azure Services 
Get loads of hands on experience with Security Operations for Microsoft 365 
Utilize hands on simulations that can be accessed anytime, anywhere! 
Requirements 
Willingness to put in the time and practice the steps shown in the course 
Description 
We really hope you'll agree, this training is way more than the average course on Udemy! 
Have access to the following: 
Training from an instructor of over 20 years who has trained thousands of people and is also a Microsoft Certified Trainer 
Lectures that explain the concepts in an easy to learn method for someone that is just starting out with this material 
Instructor led hands on and simulations to practice that can be followed even if you have little to no experience 
TOPICS COVERED INCLUDING HANDS ON LECTURE AND PRACTICE TUTORIALS: 
Introduction 
Welcome to the course 
Understanding the Microsoft Environment 
Foundations of Active Directory Domains 
Foundations of RAS, DMZ, and Virtualization 
Foundations of the Microsoft Cloud Services 
DON'T SKIP: The first thing to know about Microsoft cloud services 
DON'T SKIP: Azure AD is now renamed to Entra ID 
Questions for John Christopher 
Order of concepts covered in the course 
Performing hands on activities 
DON'T SKIP: Using Assignments in the course 
Creating a free Microsoft 365 Account 
Activating licenses for Defender for Endpoint and Vulnerabilities 
Getting your free Azure credit 
Mitigate threats to the Microsoft 365 environment by using Microsoft 365 Defender 
Microsoft Defender and Microsoft Purview admin centers 
Introduction to Microsoft 365 Defender 
Using policies to remediate threats with Email, Teams, SharePoint & OneDrive 
Investigate, respond, and remediate threats with Defender for Office 365 
Understanding data loss prevention (DLP) in Microsoft 365 Defender 
Implement data loss prevention policies (DLP) to respond and alert 
Investigate & respond to alerts generated by data loss prevention (DLP) policies 
Understanding insider risk policies 
Generating an insider risk policy 
Investigate and respond to alerts generated by insider risk policies 
Discover and manage apps by using Microsoft Defender for Cloud Apps 
Identify, investigate, & remediate security risks by using Defender for Cloud Apps 
Mitigate endpoint threats by using Microsoft Defender for Endpoint 
Concepts of management with Microsoft Defender for Endpoint 
Setup a Windows 11 virtual machine endpoint 
Enrolling to Intune for attack surface reduction (ASR) support 
Onboarding to manage devices using Defender for Endpoint 
A note about extra features in your Defender for Endpoint 
Incidents, alert notifications, and advanced features for endpoints 
Review and respond to endpoint vulnerabilities 
Recommend attack surface reduction (ASR) for devices 
Configure and manage device groups 
Identify devices at risk using the Microsoft Defender Vulnerability Management 
Manage endpoint threat indicators 
Identify unmanaged devices by using device discovery 
Mitigate identity threats 
Mitigate security risks related to events for Microsoft Entra ID 
Concepts of using Microsoft Entra Identity Protection 
Mitigate security risks related to Microsoft Entra Identity Protection events 
Mitigate risks related to Microsoft Entra Identity Protection inside Microsoft Defender 
Understanding Microsoft Defender for Identity 
Mitigate security risks related to Active Directory Domain Services (AD DS) using Microsoft Defender for Identity 
Manage extended detection and response (XDR) in Microsoft 365 Defender 
Concepts of the purpose of extended detection and response (XDR) 
Setup a simulation lab using Microsoft 365 Defender 
Run an attack against a device in the simulation lab 
Manage incidents & automated investigations in the Microsoft 365 Defender portal 
Run an attack simulation email campaign in Microsoft 365 Defender 
Manage actions and submissions in the Microsoft 365 Defender portal 
Identify threats by using Kusto Query Language (KQL) 
Identify and remediate security risks by using Microsoft Secure Score 
Analyze threat analytics in the Microsoft 365 Defender portal 
Configure and manage custom detections and alerts 
Investigate threats by using audit features in Microsoft 365 Defender and Microsoft Purview 
Understanding unified audit log licensing and requirements 
Setting unified audit permissions and enabling support 
Perform threat hunting by using unified audit log 
Perform threat hunting by using Content Search 
Implement and maintain cloud security posture management 
Overview of Microsoft Defender for Cloud 
Assign and manage regulatory compliance policies, including MCSB 
Improve the Microsoft Defender for Cloud secure score by applying remediations 
Configure plans and agents for Microsoft Defender for Servers 
Configure and manage Microsoft Defender for DevOps 
Configure & manage Microsoft Defender External Attack Surface Management (EASM) 
Configure environment settings in Microsoft Defender for Cloud 
Plan and configure Microsoft Defender for Cloud settings 
Configure Microsoft Defender for Cloud roles 
Assess and recommend cloud workload protection and enable plans 
Configure automated onboarding of Azure resources 
Connect compute resources by using Azure Arc 
Connect multi-cloud resources by using Environment settings 
Respond to alerts and incidents in Microsoft Defender for Cloud 
Set up email notifications 
Create and manage alert suppression rules 
Design and configure workflow automation in Microsoft Defender for Cloud 
Generate sample alerts and incidents in Microsoft Defender for Cloud 
Remediate alerts and incidents by using MS Defender for Cloud recommendations 
Manage security alerts and incidents 
Analyze Microsoft Defender for Cloud threat intelligence reports 
Design and configure a Microsoft Sentinel workspace 
Concepts of Microsoft Sentinel 
Plan a Microsoft Sentinel workspace 
Configure Microsoft Sentinel roles 
Design and configure Microsoft Sentinel data storage, log types and log retention 
Plan and implement the use of data connectors for ingestion of data sources in Microsoft Sentinel 
Identify data sources to be ingested for Microsoft Sentinel 
Configure and use MS Sentinel connectors, Azure Policy & diagnostic settings 
Configure Microsoft Sentinel connectors for MS 365 Defender & Defender for Cloud 
Design and configure Syslog and Common Event Format (CEF) event collections 
Design and configure Windows security event collections 
Configure threat intelligence connectors 
Create custom log tables in the workspace to store ingested data 
Manage Microsoft Sentinel analytics rules 
Concepts of Microsoft Sentinel analytics rules 
Configure the Fusion rule 
Configure Microsoft security analytics rules 
Configure built-in scheduled query rules 
Configure custom scheduled query rules 
Configure near-real-time (NRT) analytics rules 
Manage analytics rules from Content hub 
Manage and use watchlists 
Manage and use threat indicators 
Perform data classification and normalization 
Classify and analyze data by using entities 
Query Microsoft Sentinel data by using Advanced Security Information Model (ASIM) 
Develop and manage ASIM parsers 
Configure security orchestration automated response (SOAR) in Microsoft Sentinel 
Create and configure automation rules 
Create and configure Microsoft Sentinel playbooks 
Configure analytic rules to trigger automation rules 
Trigger playbooks from alerts and incidents 
Manage Microsoft Sentinel incidents 
Configure an incident generation 
Triage incidents in Microsoft Sentinel 
Investigate incidents in Microsoft Sentinel 
Respond to incidents in Microsoft Sentinel 
Investigate multi-workspace incidents 
Use Microsoft Sentinel workbooks to analyze and interpret data 
Activate and customize Microsoft Sentinel workbook templates 
Create custom workbooks 
Configure advanced visualizations 
Hunt for threats by using Microsoft Sentinel 
Analyze attack vector coverage by using MITRE ATT&CK in Microsoft Sentinel 
Customize content gallery hunting queries 
Create custom hunting queries 
Use hunting bookmarks for data investigations 
Monitor hunting queries by using Livestream 
Retrieve and manage archived log data 
Create and manage search jobs 
Manage threats by using User and Entity Behavior Analytics 
Configure User and Entity Behavior Analytics settings 
Investigate threats by using entity pages 
Configure anomaly detection analytics rules 
Conclusion 
Cleaning up your lab environment 
Getting a Udemy certificate 
BONUS Where do I go from here? 
Who this course is for: 
IT people interested in learning and passing the Microsoft SC-200 Exam 
People interested in learning a tremendous amount about Security Operations for Microsoft 365 



